[Bug 827] New: limit: support is broken

bugzilla-daemon at netfilter.org
Sun Jun 9 00:53:54 CEST 2013


           Summary: limit: support is broken
           Product: nftables
           Version: unspecified
          Platform: x86_64
        OS/Version: All
            Status: NEW
          Severity: blocker
          Priority: P5
         Component: nft
        AssignedTo: pablo at netfilter.org
        ReportedBy: eric at regit.org
   Estimated Hours: 0.0

In src/netlink-linearize.c we have:
static void netlink_gen_limit_stmt(struct netlink_linearize_ctx *ctx,
                   const struct stmt *stmt)
{
    struct nfnl_nft_expr *nle;

    nle = alloc_nft_expr(nfnl_nft_limit_init);
    nfnl_nft_limit_set_rate(nle, stmt->limit.rate);
    nfnl_nft_limit_set_depth(nle, stmt->limit.depth);
    nfnl_nft_rule_add_expr(ctx->nlr, nle);
}
but in parser.y we have:
limit_stmt        :    LIMIT    RATE    NUM    SLASH    time_unit
            {
                $$ = limit_stmt_alloc(&@$);
                $$->limit.rate    = $3;
                $$->limit.unit    = $5;
            }
            ;
So the depth is always 0 and unit is not set.
